Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The setup_snappy_os_mounts function in the ubuntu-core-launcher package before 1.0.27.1 improperly determines the mount point of bind mounts when using snaps, which might allow remote attackers to obtain sensitive information or gain privileges via a snap with a name starting with "ubuntu-core."
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ubuntu-core-launcher程序包安全漏洞
Vulnerability Description
Ubuntu是英国科能(Canonical)公司和Ubuntu基金会共同开发的一套以桌面应用为主的GNU/Linux操作系统。ubuntu-core-launcher package是一个启动Ubuntu的核心应用程序包。 ubuntu-core-launcher程序包1.0.27.1之前版本的‘setup_snappy_os_mounts’函数中存在安全漏洞,该漏洞源于当程序使用snap时没有正确确定bind挂载的挂载点。远程攻击者可借助带有特制名称(以‘ubuntu-core’开始)的snap利用该漏
CVSS Information
N/A
Vulnerability Type
N/A